Code Review / vpp.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
IPSEC: no second lookup after tunnel encap
[vpp.git] / src / vat / api_format.c
diff --git a/src/vat/api_format.c b/src/vat/api_format.c
index 5ddbb57..1d93cc1 100644 (file)
--- a/src/vat/api_format.c
+++ b/src/vat/api_format.c
@@ -15215,21 +15215,21 @@ vl_api_ipsec_sa_details_t_handler (vl_api_ipsec_sa_details_t * mp)
   vat_main_t *vam = &vat_main;
 
   print (vam->ofp, "sa_id %u sw_if_index %u spi %u proto %u crypto_alg %u "
-        "crypto_key %U integ_alg %u integ_key %U use_esn %u "
-        "use_anti_replay %u is_tunnel %u is_tunnel_ip6 %u "
+        "crypto_key %U integ_alg %u integ_key %U flags %x "
         "tunnel_src_addr %U tunnel_dst_addr %U "
         "salt %u seq_outbound %lu last_seq_inbound %lu "
         "replay_window %lu total_data_size %lu\n",
-        ntohl (mp->sa_id), ntohl (mp->sw_if_index), ntohl (mp->spi),
-        mp->protocol,
-        mp->crypto_alg, format_hex_bytes, mp->crypto_key, mp->crypto_key_len,
-        mp->integ_alg, format_hex_bytes, mp->integ_key, mp->integ_key_len,
-        mp->use_esn, mp->use_anti_replay, mp->is_tunnel, mp->is_tunnel_ip6,
-        (mp->is_tunnel_ip6) ? format_ip6_address : format_ip4_address,
-        mp->tunnel_src_addr,
-        (mp->is_tunnel_ip6) ? format_ip6_address : format_ip4_address,
-        mp->tunnel_dst_addr,
-        ntohl (mp->salt),
+        ntohl (mp->entry.sad_id),
+        ntohl (mp->sw_if_index),
+        ntohl (mp->entry.spi),
+        ntohl (mp->entry.protocol),
+        ntohl (mp->entry.crypto_algorithm),
+        format_hex_bytes, mp->entry.crypto_key.data,
+        mp->entry.crypto_key.length, ntohl (mp->entry.integrity_algorithm),
+        format_hex_bytes, mp->entry.integrity_key.data,
+        mp->entry.integrity_key.length, ntohl (mp->entry.flags),
+        format_vl_api_address, &mp->entry.tunnel_src, format_vl_api_address,
+        &mp->entry.tunnel_dst, ntohl (mp->salt),
         clib_net_to_host_u64 (mp->seq_outbound),
         clib_net_to_host_u64 (mp->last_seq_inbound),
         clib_net_to_host_u64 (mp->replay_window),
@@ -15239,13 +15239,32 @@ vl_api_ipsec_sa_details_t_handler (vl_api_ipsec_sa_details_t * mp)
 #define vl_api_ipsec_sa_details_t_endian vl_noop_handler
 #define vl_api_ipsec_sa_details_t_print vl_noop_handler
 
+static void
+vat_json_object_add_address (vat_json_node_t * node,
+                            const vl_api_address_t * addr)
+{
+  if (ADDRESS_IP6 == addr->af)
+    {
+      struct in6_addr ip6;
+
+      clib_memcpy (&ip6, &addr->un.ip6, sizeof (ip6));
+      vat_json_object_add_ip6 (node, "ip_address", ip6);
+    }
+  else
+    {
+      struct in_addr ip4;
+
+      clib_memcpy (&ip4, &addr->un.ip4, sizeof (ip4));
+      vat_json_object_add_ip4 (node, "ip_address", ip4);
+    }
+}
+
 static void vl_api_ipsec_sa_details_t_handler_json
   (vl_api_ipsec_sa_details_t * mp)
 {
   vat_main_t *vam = &vat_main;
   vat_json_node_t *node = NULL;
-  struct in_addr src_ip4, dst_ip4;
-  struct in6_addr src_ip6, dst_ip6;
+  vl_api_ipsec_sad_flags_t flags;
 
   if (VAT_JSON_ARRAY != vam->json_tree.type)
     {
@@ -15255,39 +15274,36 @@ static void vl_api_ipsec_sa_details_t_handler_json
   node = vat_json_array_add (&vam->json_tree);
 
   vat_json_init_object (node);
-  vat_json_object_add_uint (node, "sa_id", ntohl (mp->sa_id));
+  vat_json_object_add_uint (node, "sa_id", ntohl (mp->entry.sad_id));
   vat_json_object_add_uint (node, "sw_if_index", ntohl (mp->sw_if_index));
-  vat_json_object_add_uint (node, "spi", ntohl (mp->spi));
-  vat_json_object_add_uint (node, "proto", mp->protocol);
-  vat_json_object_add_uint (node, "crypto_alg", mp->crypto_alg);
-  vat_json_object_add_uint (node, "integ_alg", mp->integ_alg);
-  vat_json_object_add_uint (node, "use_esn", mp->use_esn);
-  vat_json_object_add_uint (node, "use_anti_replay", mp->use_anti_replay);
-  vat_json_object_add_uint (node, "is_tunnel", mp->is_tunnel);
-  vat_json_object_add_uint (node, "is_tunnel_ip6", mp->is_tunnel_ip6);
-  vat_json_object_add_bytes (node, "crypto_key", mp->crypto_key,
-                            mp->crypto_key_len);
-  vat_json_object_add_bytes (node, "integ_key", mp->integ_key,
-                            mp->integ_key_len);
-  if (mp->is_tunnel_ip6)
-    {
-      clib_memcpy (&src_ip6, mp->tunnel_src_addr, sizeof (src_ip6));
-      vat_json_object_add_ip6 (node, "tunnel_src_addr", src_ip6);
-      clib_memcpy (&dst_ip6, mp->tunnel_dst_addr, sizeof (dst_ip6));
-      vat_json_object_add_ip6 (node, "tunnel_dst_addr", dst_ip6);
-    }
-  else
-    {
-      clib_memcpy (&src_ip4, mp->tunnel_src_addr, sizeof (src_ip4));
-      vat_json_object_add_ip4 (node, "tunnel_src_addr", src_ip4);
-      clib_memcpy (&dst_ip4, mp->tunnel_dst_addr, sizeof (dst_ip4));
-      vat_json_object_add_ip4 (node, "tunnel_dst_addr", dst_ip4);
-    }
+  vat_json_object_add_uint (node, "spi", ntohl (mp->entry.spi));
+  vat_json_object_add_uint (node, "proto", ntohl (mp->entry.protocol));
+  vat_json_object_add_uint (node, "crypto_alg",
+                           ntohl (mp->entry.crypto_algorithm));
+  vat_json_object_add_uint (node, "integ_alg",
+                           ntohl (mp->entry.integrity_algorithm));
+  flags = ntohl (mp->entry.flags);
+  vat_json_object_add_uint (node, "use_esn",
+                           ! !(flags &
+                               IPSEC_API_SAD_FLAG_USE_EXTENDED_SEQ_NUM));
+  vat_json_object_add_uint (node, "use_anti_replay",
+                           ! !(flags & IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY));
+  vat_json_object_add_uint (node, "is_tunnel",
+                           ! !(flags & IPSEC_API_SAD_FLAG_IS_TUNNEL));
+  vat_json_object_add_uint (node, "is_tunnel_ip6",
+                           ! !(flags & IPSEC_API_SAD_FLAG_IS_TUNNEL_V6));
+  vat_json_object_add_uint (node, "udp_encap",
+                           ! !(flags & IPSEC_API_SAD_FLAG_UDP_ENCAP));
+  vat_json_object_add_bytes (node, "crypto_key", mp->entry.crypto_key.data,
+                            mp->entry.crypto_key.length);
+  vat_json_object_add_bytes (node, "integ_key", mp->entry.integrity_key.data,
+                            mp->entry.integrity_key.length);
+  vat_json_object_add_address (node, &mp->entry.tunnel_src);
+  vat_json_object_add_address (node, &mp->entry.tunnel_dst);
   vat_json_object_add_uint (node, "replay_window",
                            clib_net_to_host_u64 (mp->replay_window));
   vat_json_object_add_uint (node, "total_data_size",
                            clib_net_to_host_u64 (mp->total_data_size));
-
 }
 
 static int
@@ -20085,8 +20101,6 @@ static void vl_api_ip_neighbor_details_t_handler_json
 
   vat_main_t *vam = &vat_main;
   vat_json_node_t *node;
-  struct in_addr ip4;
-  struct in6_addr ip6;
 
   if (VAT_JSON_ARRAY != vam->json_tree.type)
     {
@@ -20104,17 +20118,7 @@ static void vl_api_ip_neighbor_details_t_handler_json
   vat_json_object_add_string_copy (node, "link_layer",
                                   format (0, "%U", format_vl_api_mac_address,
                                           &mp->neighbor.mac_address));
-
-  if (ADDRESS_IP6 == mp->neighbor.ip_address.af)
-    {
-      clib_memcpy (&ip6, &mp->neighbor.ip_address.un.ip6, sizeof (ip6));
-      vat_json_object_add_ip6 (node, "ip_address", ip6);
-    }
-  else
-    {
-      clib_memcpy (&ip4, &mp->neighbor.ip_address.un.ip4, sizeof (ip4));
-      vat_json_object_add_ip4 (node, "ip_address", ip4);
-    }
+  vat_json_object_add_address (node, &mp->neighbor.ip_address);
 }
 
 static int
Vector Packet Processing